
Case Study: How SGN Used Attack Path Mapping to Control Privileged Access in the Cloud



As one of the most forward-thinking critical infrastructure companies in the UK, SGN is blazing a trail by becoming the first UK critical infrastructure company to run 100% in the cloud and using innovative IoT technologies to revolutionize the management of gas pipelines. To manage the risk, SGN embarked on a mission to shape the attack path of intruders. In this session, Mo Ahddoud, CISO at SGN, will share how he used a technique called attack path mapping to put privileged access at the center of SGN's digital transformation.


Published in: Technology


  1. How SGN Used Attack Path Mapping to Control Privileged Access in the Cloud
     Mo Ahddoud, Chief Information Security Officer, SGN
     SCT15S
     SECURITY
  2. For Informational Purposes Only: Terms of This Presentation
     © 2017 CA. All rights reserved. All trademarks referenced herein belong to their respective companies. The content provided in this CA World 2017 presentation is intended for informational purposes only and does not form any type of warranty. The information provided by a CA partner and/or CA customer has not been reviewed for accuracy by CA.
     COPYRIGHT © 2017 CA. ALL RIGHTS RESERVED #CAWORLD #NOBARRIERS
  3. Abstract
     As one of the most forward-thinking critical infrastructure companies in the UK, SGN is blazing a trail by becoming the first UK critical infrastructure company to run 100% in the cloud and using innovative IoT technologies to revolutionize the management of gas pipelines. To manage the risk, SGN embarked on a mission to shape the attack path of intruders. In this session, Mo Ahddoud, CISO at SGN, will share how he used a technique called attack path mapping to put privileged access at the center of SGN's digital transformation.
     Mo Ahddoud, SGN CISO
  5. Who Are SGN?
     • 5.0bn RAV (March 2016)
     • 74,000km network length
     • 5.9 million customers
     • c4500 FTEs employees
     • 1.1bn revenues (2015/16)
     • 15,907 new connections 2015/16
     • 139TWh energy distributed
     • 960km pipes replaced in 2015/16
  6. Digital Transformation
     Change – a measurable, physical difference.
     Transformation – an extreme, radical change that drives an organisation in a new direction and takes it to an entirely different functional level.
     • Internet of Things
     • Customer Experience
     • Digital Workforce
     • Cloud First
  8. Our Business Strategy
     • Reduced totex
     • Increased agility
     • Resilience availability
     • New innovation
     • Improved Security
     Devolution of IT
     TAKE “IT” OFF OF THE CRITICAL PATH
  9. Supply Chain
     The Cloud Hopper
  10. Business Complexity
     • Unpatched systems
     • Fragmented solution
     • Obsolete technology
     • Convoluted value chain
  11. Attack Path Mapping
     • Prioritise on likely attack paths
     • Ensure you can detect
     • Reduce the network footprint
     Diagram labels: Internal Phishing; Accessing User Mailbox; Accessing Internal Apps; Access File share
  12. The heart of our security strategy: Privileged Access Management
     Diagram labels: Virtual Datacentre Build; Datacentre Security Testing; Cloud Monitoring; ServiceNow PPM and Cloud Management; Cloud Networking and Security; Integration & API catalogue; Cloud Sign-on; Application Migration; Application Discovery Due Diligence; Operational Model; Service Transition and Support; Cloud Programme Management and support; Delivery Framework Definition; Architecture Governance; Procurement and Commercials; Office 365 Technical Migration; Office 365 Business Migration; Automated Testing; CA Privileged Access Manager
  13. Protecting Apps and Data
     Amazon Web Services
     • Ticket Authorisation
     • Timebound
     • Remove Passwords
     • Audit and Verify
  14. Collaboration & Partnership
     • NCSC
     • Lighthouse partnership
  15. Thank You for Listening
     Any Questions?